OpenVPN to Linux client connection issues
-
I am running pfs 1.2.3 and have configured ovpn to communicate with 3 external windows boxes. Works prefectly! ;D
Now one of those doze boxes have become a linux Ubuntu and I am trying to reuse the client connection cert and key for ubuntu. if that is possible???
client config file
client dev tun proto tcp remote xxx.xx.xx.54 443 resolv-retry infinite nobind persist-tun persist-key ca /etc/openvpn/shadow/ca.crt cert /etc/openvpn/shadow/client1.crt key /etc/openvpn/shadow/client1.key tls-client ns-cert-type server comp-lzo verb 4 redirect-gateway
I get this error
Mon Oct 4 03:46:26 2010 us=289969 OPTIONS IMPORT: --ifconfig/up options modified Mon Oct 4 03:46:26 2010 us=289976 OPTIONS IMPORT: route options modified Mon Oct 4 03:46:26 2010 us=289982 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Mon Oct 4 03:46:26 2010 us=289990 Preserving previous TUN/TAP instance: tun4 Mon Oct 4 03:46:26 2010 us=289997 Initialization Sequence Completed Mon Oct 4 03:46:30 2010 us=298177 Connection reset, restarting [0] Mon Oct 4 03:46:30 2010 us=298306 TCP/UDP: Closing socket Mon Oct 4 03:46:30 2010 us=298341 SIGUSR1[soft,connection-reset] received, process restarting Mon Oct 4 03:46:30 2010 us=298362 Restart pause, 5 second(s)
Can anyone can help point me off in the right direction
-
Reusing the same keys and config such should be fine, it doesn't look like anything you are using in that config file is Windows-specific.
It hasn't mattered for me in the past, but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.
You might also crank up the verbosity "verb 6" or 7 or more, just to see if it gives anything more helpful than what you have.
-
but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.
I am unsure what you mean unless you mean to switch '.ovpn' to '.conf'
You might also crank up the verbosity "verb 6" or 7 or more, just to see if it gives anything more helpful than what you have.
I tried to crank the verbosity up aswell and nothing
After further investigation i found this error:```
Tue Oct 5 03:47:34 2010 us=396931 /sbin/route add -net xxx.xx.xx.54 netmask 255.255.255.255 gw 10.8.112.254
SIOCADDRT: File exists
Tue Oct 5 03:47:34 2010 us=397708 ERROR: Linux route add command failed: external program exited with error status: 7 -
So it already has a route for that network somehow. Does the local subnet overlap what the remote side should be?
-
but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.
I am unsure what you mean unless you mean to switch '.ovpn' to '.conf'
I meant DOS (^M\n, or \r\n) vs UNIX (\n) newlines. OpenVPN doesn't generally seem to care though, it tends to read either set.
-
So it already has a route for that network somehow. Does the local subnet overlap what the remote side should be?
I hope not! My Server is in the 192.168.x.0/24 network supplying a x.x.50.x ovpn addresses. and the clients reside in the 10.8.x.0/24 network.
I meant DOS (^M\n, or \r\n) vs UNIX (\n) newlines. OpenVPN doesn't generally seem to care though, it tends to read either set.
i didn't actually switch the file extension from '.opvn' to '.config' i created a new config file with sudo gedit /etc/openvpn/x/
If I end up having to create a new vpn tunnel what are the recomended settings or settings period for a linux/ubuntu box
-
No specific settings for ubuntu, it should all just work as long as you have the settings match the server (proper keys, protocol, port, compression, cipher, etc)